menu

Personal data

13 August 2020 | Laure Marolleau

The French Data Protection Authority imposes a 250,000 euros fine on Spartoo

The Commission Nationale de l’Informatique et des Libertés (French Data Protection authority or “CNIL”) has just imposed a penalty of 250,000 euros on Spartoo, a company specializing in the online sale of shoes. The CNIL noted several breaches of the GDPR, the general regulation on data protection which came into force on May 25, 2018.

This is the first penalty imposed by the CNIL as “lead supervisory authority” in cooperation with other EU supervisory authorities as the consumers (and their personal data) of Spartoo which is based in Grenoble extend beyond French borders.

Read more
1 June 2020 | Laure Marolleau

Covid-19 and the “StopCovid” app

In the context of the COVID-19 pandemic, and more specifically the so-called “lockdown-lifting” strategy, the French Government decided to implement an app called “StopCovid” available on smartphones, the aim of which is to alert its users that they have been in close proximity to people who have been tested positive for COVID-19 and who use the same app, as this proximity entails a risk of transmission of the SARS-CoV-2 virus.

This is one of the digital devices implemented by the Government as part of this overall “lockdown-lifting” strategy.

Read more
12 May 2020 | Laure Marolleau

Covid-19 and Contact Tracing

While France is entering the first phase of its end-of-lockdown plan, the Government’s strategy to combat a resumption of the epidemic is now based on monitoring “contact tracing”, i.e. the swift identification of any person who has been close to a patient in order to also test him/her and, if necessary, isolate him/her to avoid the spread the of the disease.

French authorities are planning an “information system” based on two medical databases: Sidep and Contact Covid. As the design of the StopCovid app. is still under way, its deployment was not included in the end-of-lockdown plan presented on April 28, 2020.

Read more
29 April 2020 | Laure Marolleau

Covid-19 and Telework: Data protection

The Covid-19 pandemic has prompted many companies to implement teleworking solutions. The implementation of this type of working method requires that rules be duly followed to guarantee the security of information systems and processed data.

The French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés or “CNIL”) has published recommendations to help secure personal data in this context.

Read more
28 February 2020 | Laure Marolleau

GDPR and Linky meters: The French Data Protection Authority puts EDF and Engie on notice

The French Data Protection Authority has served a formal notice on EDF and Engie for non-compliance with some of the requirements for obtaining consent in relation to the collection of consumption data from Linky smart meters, as well as for an excessive retention period of such consumption data.

Both companies have three months to comply.

Read more

All posts ared displayed

No more page

Next page

Load more